A new scam on WhatsApp uses the O Boticário brand and aims to steal users' personal data. Identified by the dfndr lab, part of security app developer PSafe, the criminal campaign relies on social engineering and imitates a company Christmas promotion in which participants would win products from the brand's makeup lines. To take part, interested users had to share a message with friends, who in turn needed to register on the platform.
In this case, the criminals acted in a more sophisticated way: the system was able to verify that the CPF number provided belonged to the name entered, which gave a false sense of credibility. According to PSafe, six different links were found for the same scam and, together, they totaled 40,000 detections in the last 24 hours. Also according to the company, malicious campaigns of this kind were responsible for 43.8 million detections in the third quarter of 2018.
Sophisticated scam used the cosmetics brand O Boticário. Photo: Reprodução / TechTudo
"This is a differentiated scam and the cybercriminal did in fact put in a lot of work. The CPF check and the registration of the stores make it very similar to a real promotion of the brand and, therefore, extremely difficult for a user without technical knowledge to identify it as false," explains Emilio Simoni, director of the dfndr lab. According to the security company, performing this check requires the hacker to have access to a database with the information, which may have been leaked on the Internet or gathered by a previous scam.
To make the campaign even more realistic, the criminals also registered 3,634 genuine stores of the brand, so that interested parties could supposedly pick up the products they had won. In addition, the content shared with friends is personalized and includes the name of the person sending it. The user can also check whether or not contacts have accessed the links, which encourages them to click, participate in the alleged promotion and, in this way, provide their data to cybercriminals.
Fake message shared on WhatsApp offers O Boticário brand gifts. Photo: Reprodução / TechTudo
This year alone, O Boticário has had its name involved in crimes of this type several times. In February, scammers promised free samples of the Nativa SPA product to anyone who accessed the site and answered three questions. In March, they took advantage of the International Women's Day campaign to offer a fake makeup kit to anyone who clicked on the address indicated in the message. In June, they offered a kit of Valentine's Day products.
"It is essential that people take the security of their data very seriously, use a protection solution on their smartphones and always check whether the promotion exists on official channels or on link-checking sites," says Simoni.
WhatsApp itself advises users to pay attention when receiving content marked with the tag "Shared" at the top of the message balloon. "If the message seems suspicious or its content is too good to be true, do not tap, share or forward it," advises the messenger's security team.
In addition, the platform asks users to be wary of messages that ask them to click on a web address, pass on messages or provide personal information (such as credit card number, bank account, birthday, password, etc.). When faced with such content, the user can report the account to WhatsApp without having to leave the app. This is important, as the messenger does not have access to the content of the chat because of its end-to-end encryption system.